Re: [CentOS] Spotty internet connection

> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Joseph L. > Casale > Sent: Thursday, February 2, 2017 8:58 PM > To: 'CentOS mailing list' > Subject: Re: [CentOS] Spotty internet connection > > > -Original Message- > > From: CentOS

Re: [CentOS] Spotty internet connection

> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Matt > Garman > Sent: Thursday, February 2, 2017 8:52 PM > To: CentOS mailing list > Subject: Re: [CentOS] Spotty internet connection > > On Thu, Feb 2, 2017 at 7:13 PM, TE Dukes

Re: [CentOS] Spotty internet connection

> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of TE Dukes > Sent: Thursday, February 2, 2017 6:13 PM > To: 'CentOS mailing list' > Subject: [CentOS] Spotty internet connection > > How do you IT guys diagnose the problem with a spotty

Re: [CentOS] Spotty internet connection

On Thu, Feb 2, 2017 at 7:13 PM, TE Dukes wrote: > Lately I have been getting slow and partial page loads, server not found, > server timed out, etc.. Get knocked off ssh when accessing my home server > from work, etc. Its not the work connection because I don't have

Re: [CentOS] AWS ami are out of date / support restricted instance subset

I can, but that does not address the issue that baseline AMIs provided by CentOS are currently outdated. Happy to help out if this is simply due to missing manpower required to test. On Fri, Feb 3, 2017 at 10:59 AM, Hal Wigoda wrote: > You can always build your own, no? >

[CentOS] Spotty internet connection

How do you IT guys diagnose the problem with a spotty internet connection? Just spent an hour on the phone with TWC/Spectrum. Of course they don't see anything wrong with their service. They send me to speedtest.net. The first attempt, the page didn't fully load, the second attempt, the page

Re: [CentOS] AWS ami are out of date / support restricted instance subset

You can always build your own, no? (Sent from iPhone, so please accept my apologies in advance for any spelling or grammatical errors.) > On Feb 2, 2017, at 5:28 PM, Kadrach wrote: > > Hi all, > > the current AWS Marketplace CentOS7 AMIs (1602) are restricted to an >

[CentOS] AWS ami are out of date / support restricted instance subset

Hi all, the current AWS Marketplace CentOS7 AMIs (1602) are restricted to an outdated subset of EC2 instance types (at least m4.16xlarge and x1.* are missing). The AMIs are also based on 7.2.1511, which is now quite outdated. Are there any concrete plans to update the AMIs? Is this due to a lack

[CentOS-announce] CESA-2017:0238 Important CentOS 7 thunderbird Security Update

CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64:

[CentOS-announce] CESA-2017:0238 Important CentOS 5 thunderbird Security Update

CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386:

[CentOS-announce] CESA-2017:0238 Important CentOS 6 thunderbird Security Update

CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386:

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On 02/02/2017 12:37 PM, Leonard den Ottolander wrote: So by continuing to have these memory leaks in the binary you are making it easier for a malevolent local user to mount an attack that might cause the "desired" privilege escalation. I'm really struggling to explain this more simply and

Re: [CentOS] downgrading packages

On Thu, Feb 02, 2017 at 08:52:27AM +, Ned Slider wrote: > On 02/02/17 06:32, Jon LaBadie wrote: > > After the large update from 7.2 -> 7.3 there is > > one major problem, the amanda backup packages. > > > > Strange situation, the host is the amanda server > > is working fine at backing up all

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On Thu, 2017-02-02 at 12:18 -0800, Gordon Messmer wrote: > I apologize if my intent was unclear. I was providing you with the text > that you should use in your bug report. I am not explaining the problem > to you, I am showing you a clear way to explain the problem in the bug > report. You

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On 02/02/2017 11:46 AM, Leonard den Ottolander wrote: That memory leak can be used to cause the heap and the stack to run in to each other, and that flaw has previously been combined with bugs in glibc to produce an exploit. The glibc bug is now fixed, but there is still a risk that collision

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On Thu, 2017-02-02 at 10:39 -0800, Gordon Messmer wrote: > Open a new bug report and focus on this patch, exclusively: > https://cgit.freedesktop.org/polkit/commit/src/programs/pkexec.c?id=6c992bc8aefa195a41eaa41c07f46f17de18e25c By the way, the comment for that commit starts with: This usage is

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On Thu, 2017-02-02 at 10:39 -0800, Gordon Messmer wrote: > It took me a while to find the patch that you mentioned, which is > probably why your bugs are being disregarded. It is beyond my control where patches are listed in the Red Hat bugzilla pages. I don't think the Red Hat employee involved

Re: [CentOS-virt] Selinux Problem

On 01/30/2017 03:22 AM, George Dunlap wrote: > > I think that comment may be a little old. I do try to support SELinux > -- the smoke tests I use before pushing changes have it enabled by > default, and they use both qemu-xen and blktap. > > But it's difficult to help debug problems when you

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On 02/02/2017 07:35 AM, Leonard den Ottolander wrote: If that's so, why are you supplying patches to pkcheck rather than fixing pkexec? The patch has a fix for three memory leaks. One memory leak that allows heap spraying in pkexec.c that according to the aforementioned article is*directly*

Re: [CentOS-virt] Selinux Problem

On Thu, Feb 2, 2017 at 4:46 PM, -=X.L.O.R.D=- wrote: > Selinux is way too complicated for Xen environment, there are other > alternative to security your system than SeLinux. But the core repository for SELinux has rules for all the Xen functionality, which CentOS mostly

Re: [CentOS] Cron.Hourly

On Thu, Feb 02, 2017 at 10:55:00AM -0600, Matt wrote: > When I have multiple scripts in /etc/cron.hourly/ using noanacron do > they all start at same time or sequentially? I would rather they all > went at same time in case one takes close to an hour to complete. Sequentially. This is

Re: [CentOS] Buttons too big in Firefox for Linux

I have found a drastic solution to the problem. The HDD in my development workstation has just died. I'm half way through the install/config on a new HDD and have tested Firefox. The buttons are now appearing as the right size again. A drastic but effective solution

[CentOS] Cron.Hourly

When I have multiple scripts in /etc/cron.hourly/ using noanacron do they all start at same time or sequentially? I would rather they all went at same time in case one takes close to an hour to complete. ___ CentOS mailing list CentOS@centos.org

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On Thu, 2017-02-02 at 07:16 -0800, Gordon Messmer wrote: > On 02/02/2017 06:51 AM, Leonard den Ottolander wrote: > > pkcheck might not be directly vulnerable. However, pkexec is. > > > If that's so, why are you supplying patches to pkcheck rather than > fixing pkexec? The patch has a fix for

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On 02/02/2017 06:51 AM, Leonard den Ottolander wrote: pkcheck might not be directly vulnerable. However, pkexec is. If that's so, why are you supplying patches to pkcheck rather than fixing pkexec? If your bug report, you said, "The author clearly states that in his example exploit he

Re: [CentOS] Buttons too big in Firefox for Linux

Mozilla probably (finally) made the adjustment for 2160 lines of resolution. LOTS of softwares need[ed] to tweak their interfaces to be usable on 4k displays. On Thu, Feb 2, 2017 at 6:01 AM, Gary Stainburn wrote: > On Thursday 02 February 2017 10:22:19 John Hodrien wrote: >

Re: [CentOS-virt] CentOS AMI's published to AWS

Does anyone have any info on the AWS AMI publishing process? Is there a better place to ask? On Wed, Jan 25, 2017 at 9:42 PM, Nico Kadel-Garcia wrote: > On Tue, Jan 24, 2017 at 6:09 PM, Wesley Novack > wrote: > > Greetings! Can someone please explain

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On Thu, 2017-02-02 at 06:40 -0800, John R Pierce wrote: > On 2/2/2017 6:22 AM, Leonard den Ottolander wrote: > > However, the fact that the binary in the example is setuid is orthogonal > > to the fact that heap spraying is a very serious attack vector. > > without privilege escalation, what does

Re: [CentOS] Serious attack vector on pkcheck ignored by Red Hat

On 2/2/2017 6:22 AM, Leonard den Ottolander wrote: However, the fact that the binary in the example is setuid is orthogonal to the fact that heap spraying is a very serious attack vector. without privilege escalation, what does it attack ? -- john r pierce, recycling bits in santa cruz

[CentOS] Serious attack vector on pkcheck ignored by Red Hat

Based on an article that was mentioned on this list https://googleprojectzero.blogspot.nl/2014/08/the-poisoned-nul-byte-2014-edition.html I found two attacker controlled memory leaks in the option parsing of pkcheck.c. These memory leaks allow a local attacker the ability to "spray the heap",

[CentOS] CentOS-announce Digest, Vol 144, Issue 1

Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to

Re: [CentOS] Buttons too big in Firefox for Linux

On Thursday 02 February 2017 10:22:19 John Hodrien wrote: > The safe bet is, it doesn't, and it's something unique to you/your > profile/your firefox configuration. Have you got an example URL that > you're saying obviously misrenders in firefox? > > Does it still misbehave if you run firefox in

Re: [CentOS] Squashfs as root filesystem

W dniu 01.02.2017 o 13:37, Marcin Trendota pisze: > I have squashfs file i want use as root filesystem for diskless machines > (PXE boot). I can't figure out how to configure it. OK, i did it MoonWolf's way(TM). I wrote dracut module to deal with squashfs root. -- Over And Out MoonWolf

Re: [CentOS] Buttons too big in Firefox for Linux

On Thu, 2 Feb 2017, Gary Stainburn wrote: It appears to be any or anywhere on the page, whether inside DIV's, Frames or not. They're only slightly bigger than they should be but it's enough to break page layouts. I've been doing some more reading and it appears that it's something to do

Re: [CentOS] Script not running correctly as cronjob

In article <9f43c460b0374ac3951c18dd2d477...@2sic.com>, Daniel Reich wrote: > Thank you for the hints > > I modified like you described. > I also moved the permission part out of the loop (once at the end of the > script is enough). > > Now with the "set -x" the script

Re: [CentOS] Buttons too big in Firefox for Linux

On Thursday 02 February 2017 06:21:41 geo.inbox.ignored wrote: > On 02/01/2017 08:32 AM, Gary Stainburn wrote: > > A while back, after doing a yum update, a new version of Firefox was > > installed and since then, the contents of my pages don't fit any more > > because the buttons are now much

Re: [CentOS] downgrading packages

Hi, you should be able to remove the existing rpms and then do a local install using rpms from vault, perhaps http://vault.centos.org/7.2.1511/os/x86_64/Packages/ I haven't specifically done this for amanda, but the process has worked for other packages. Please make sure you have a reliable

Re: [CentOS] downgrading packages

On 02/02/17 06:32, Jon LaBadie wrote: After the large update from 7.2 -> 7.3 there is one major problem, the amanda backup packages. Strange situation, the host is the amanda server is working fine at backing up all my remote clients. But it has an error backing up itself. The amanda packages